Skip to content
/ super-linter Public
forked from super-linter/super-linter

Combination of multiple linters to install as a GitHub Action

License

MIT license
0 stars 971 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jbeantx/super-linter

BranchesTags
 
 

Repository files navigation

Super-Linter

This repository is for the GitHub Action to run a Super-Linter. It is a simple combination of various linters, written in bash, to help validate your source code.

Codacy Badge

The end goal of this tool:

  • Prevent broken code from being uploaded to the default branch (Usually master or main)
  • Help establish coding best practices across multiple languages
  • Build guidelines for code layout and format
  • Automate the process to help streamline code reviews

Table of Contents

How it Works

The super-linter finds issues and reports them to the console output. Fixes are suggested in the console output but not automatically fixed, and a status check will show up as failed on the pull request.

The design of the Super-Linter is currently to allow linting to occur in GitHub Actions as a part of continuous integration occurring on pull requests as the commits get pushed. It works best when commits are being pushed early and often to a branch with an open or draft pull request. There is some desire to move this closer to local development for faster feedback on linting errors but this is not yet supported.

Supported Linters

Developers on GitHub can call the GitHub Action to lint their code base with the following list of linters:

Language Linter
Ansible ansible-lint
Azure Resource Manager (ARM) arm-ttk
AWS CloudFormation templates cfn-lint
C# dotnet-format
CSS stylelint
Clojure clj-kondo
CoffeeScript coffeelint
Copy/paste detection jscpd
Dart dartanalyzer
Dockerfile dockerfilelint / hadolint
EDITORCONFIG editorconfig-checker
ENV dotenv-linter
Gherkin gherkin-lint
Golang golangci-lint
Groovy npm-groovy-lint
HTML HTMLHint
Java checkstyle
JavaScript eslint / standard js
JSON jsonlint
Kubeval kubeval
Kotlin ktlint
LaTeX ChkTex
Lua luacheck
Markdown markdownlint
OpenAPI spectral
Perl perlcritic
PHP PHP built-in linter / PHP CodeSniffer / PHPStan / Psalm
PowerShell PSScriptAnalyzer
Protocol Buffers protolint
Python3 pylint / flake8 / black / isort
R lintr
Raku Raku
Ruby RuboCop
Rust Rustfmt / Clippy
Shell Shellcheck / [executable bit check] / shfmt
Snakemake snakefmt / snakemake --lint
SQL sql-lint
Tekton tekton-lint
Terraform tflint / terrascan
Terragrunt terragrunt
TypeScript eslint / standard js
XML LibXML
YAML YamlLint

How to use

More in-depth tutorial available

To use this GitHub Action you will need to complete the following:

  1. Create a new file in your repository called .github/workflows/linter.yml
  2. Copy the example workflow from below into that new file, no extra configuration required
  3. Commit that file to a new branch
  4. Open up a pull request and observe the action working
  5. Enjoy your more stable, and cleaner code base
  6. Check out the Wiki for customization options

NOTE: If you pass the Environment variable GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} in your workflow, then the GitHub Super-Linter will mark the status of each individual linter run in the Checks section of a pull request. Without this you will only see the overall status of the full run. There is no need to set the GitHub Secret as it is automatically set by GitHub, it only needs to be passed to the action.

Example connecting GitHub Action Workflow

In your repository you should have a .github/workflows folder with GitHub Action similar to below:

  • .github/workflows/linter.yml
    • Example file can be found at TEMPLATES/linter.yml

This file should have the following code:

---
###########################
###########################
## Linter GitHub Actions ##
###########################
###########################
name: Lint Code Base

#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#

#############################
# Start the job on all push #
#############################
on:
  push:
    branches-ignore: [master]
    # Remove the line above to run when pushing to master
  pull_request:
    branches: [master]

###############
# Set the Job #
###############
jobs:
  build:
    # Name the Job
    name: Lint Code Base
    # Set the agent to run on
    runs-on: ubuntu-latest

    ##################
    # Load all steps #
    ##################
    steps:
      ##########################
      # Checkout the code base #
      ##########################
      - name: Checkout Code
        uses: actions/checkout@v2
        with:
          # Full git history is needed to get a proper list of changed files within `super-linter`
          fetch-depth: 0

      ################################
      # Run Linter against code base #
      ################################
      - name: Lint Code Base
        uses: github/super-linter@v3
        env:
          VALIDATE_ALL_CODEBASE: false
          DEFAULT_BRANCH: master
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Add Super-Linter badge in your repository README

You can show Super-Linter status with a badge in your repository README

GitHub Super-Linter

Format:

[![GitHub Super-Linter](https://github.com/<OWNER>/<REPOSITORY>/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter)

Example:

[![GitHub Super-Linter](https://github.com/nvuillam/npm-groovy-lint/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter)

Note: IF you did not use Lint Code Base as GitHub Action name, please read GitHub Actions Badges documentation

Environment variables

The super-linter allows you to pass the following ENV variables to be able to trigger different functionality.

Note: All the VALIDATE_[LANGUAGE] variables behave in a very specific way:

  • If none of them are passed, then they all default to true.
  • If any one of the variables are set to true, we default to leaving any unset variable to false (only validate those languages).
  • If any one of the variables are set to false, we default to leaving any unset variable to true (only exclude those languages).
  • If there are VALIDATE_[LANGUAGE] variables set to both true and false. It will fail.

This means that if you run the linter "out of the box", all languages will be checked. But if you wish to select or exclude specific linters, we give you full control to choose which linters are run, and won't run anything unexpected.

ENV VAR Default Value Notes
ACTIONS_RUNNER_DEBUG false Flag to enable additional information about the linter, versions, and additional output.
ANSIBLE_CONFIG_FILE .ansible-lint.yml Filename for Ansible-lint configuration (ex: .ansible-lint, .ansible-lint.yml)
ANSIBLE_DIRECTORY /ansible Flag to set the root directory for Ansible file location(s), relative to DEFAULT_WORKSPACE. Set to . to use the top-level of the DEFAULT_WORKSPACE.
CSS_FILE_NAME .stylelintrc.json Filename for Stylelint configuration (ex: .stylelintrc.yml, .stylelintrc.yaml)
DEFAULT_BRANCH master The name of the repository default branch.
DEFAULT_WORKSPACE /tmp/lint The location containing files to lint if you are running locally.
DISABLE_ERRORS false Flag to have the linter complete with exit code 0 even if errors were detected.
DOCKERFILE_HADOLINT_FILE_NAME .hadolint.yaml Filename for hadolint configuration (ex: .hadolintlintrc.yaml)
EDITORCONFIG_FILE_NAME .ecrc Filename for editorconfig-checker configuration
ERROR_ON_MISSING_EXEC_BIT false If set to false, the bash-exec linter will report a warning if a shell script is not executable. If set to true, the bash-exec linter will report an error instead.
FILTER_REGEX_EXCLUDE none Regular expression defining which files will be excluded from linting (ex: .*src/test.*)
FILTER_REGEX_INCLUDE all Regular expression defining which files will be processed by linters (ex: .*src/.*)
GITHUB_DOMAIN github.com Specify a custom Github domain in case Github Enterprise is used: e.g. github.myenterprise.com
GITHUB_CUSTOM_API_URL api.github.com Specify a custom Github API URL in case Github Enterprise is used: e.g. https://github.myenterprise.com/api/v3/
IGNORE_GITIGNORED_FILES false If set to true, super-linter will ignore all the files that are ignored by Git.
JAVASCRIPT_ES_CONFIG_FILE .eslintrc.yml Filename for eslint configuration (ex: .eslintrc.yml, .eslintrc.json)
JAVASCRIPT_DEFAULT_STYLE standard Flag to set the default style of javascript. Available options: standard/prettier
JSCPD_CONFIG_FILE .jscpd.json Filename for JSCPD configuration
LINTER_RULES_PATH .github/linters Directory for all linter configuration rules.
LOG_FILE super-linter.log The file name for outputting logs. All output is sent to the log file regardless of LOG_LEVEL.
LOG_LEVEL VERBOSE How much output the script will generate to the console. One of ERROR, WARN, NOTICE, VERBOSE, DEBUG or TRACE.
MULTI_STATUS true A status API is made for each language that is linted to make visual parsing easier.
MARKDOWN_CONFIG_FILE .markdown-lint.yml Filename for Markdownlint configuration (ex: .markdown-lint.yml, .markdownlint.json, .markdownlint.yaml)
MARKDOWN_CUSTOM_RULE_GLOBS .markdown-lint/rules,rules/** Comma-separated list of file globs matching custom Markdownlint rule files.
OUTPUT_DETAILS simpler What level of details to be reported. Supported formats: simpler or detailed.
PYTHON_BLACK_CONFIG_FILE .python-black Filename for black configuration (ex: .isort.cfg, pyproject.toml)
PYTHON_FLAKE8_CONFIG_FILE .flake8 Filename for flake8 configuration (ex: .flake8, tox.ini)
PYTHON_ISORT_CONFIG_FILE .isort.cfg Filename for isort configuration (ex: .isort.cfg, pyproject.toml)
PYTHON_MYPY_CONFIG_FILE .mypy.ini Filename for mypy configuration (ex: .mypi.ini, setup.config)
PYTHON_PYLINT_CONFIG_FILE .python-lint Filename for pylint configuration (ex: .python-lint, .pylintrc)
RUBY_CONFIG_FILE .ruby-lint.yml Filename for rubocop configuration (ex: .ruby-lint.yml, .rubocop.yml)
SUPPRESS_POSSUM false If set to true, will hide the ASCII possum at top of log output. Default is false
SNAKEMAKE_SNAKEFMT_CONFIG_FILE .snakefmt.toml Filename for Snakemake configuration (ex: pyproject.toml, .snakefmt.toml)
SSL_CERT_SECRET none SSL cert to add to the Super-Linter trust store. This is needed for users on self-hosted runners or need to inject the cert for security standards (ex. ${{ secrets.SSL_CERT }})
SQL_CONFIG_FILE .sql-config.json Filename for SQL-Lint configuration (ex: sql-config.json , .config.json)
TYPESCRIPT_ES_CONFIG_FILE .eslintrc.yml Filename for eslint configuration (ex: .eslintrc.yml, .eslintrc.json)
VALIDATE_ALL_CODEBASE true Will parse the entire repository and find all files to validate across all types. NOTE: When set to false, only new or edited files will be parsed for validation.
VALIDATE_ANSIBLE true Flag to enable or disable the linting process of the Ansible language.